WHAT IS CLAIMED IS: 



1 1 . An electronic commerce card authentication system comprising: 

2 a central transaction server adapted to: 

3 receive an authentication request from a cardholder system; 

4 forward the authentication request to an access control server; 

5 relay authentication information between the access control server and 

6 the cardholder system; 

7 receive an authentication response from the access control server; and 

8 forward the authentication response to the cardholder system. 

1 2. The electronic commerce card authentication system of claim 1, 

2 wherein the authentication response is adapted to be analyzed by a merchant system. 

1 3. The electronic commerce card authentication system of claim 1, 

2 wherein the central transaction server is adapted to forward a copy of the authentication 

3 response to an authentication history server to be archived. 



4. The electronic commerce card authentication system of claim 1, 
wherein the central transaction server is further adapted to receive ji verifying enrollment 
request from a directory server, and to send a verifying enrollment response to the directory 
server. 



1 5. The electronic commerce card authentication system of claim . 4, 

2 wherein the central transaction server is adapted to send the verifying enrollment response in 

3 response to a query to the access control server. 

1 6. The electronic commerce card authentication system of claim 4, 

2 wherein the central transaction server is adapted to send the verifying enrollment response to 

3 the directory server with or without querying the access control server, and is further adapted 

4 to query the access control server in response to receiving an authentication request. 

1 7. The electronic commerce card authentication system of claim 1, 

2 wherein the authentication request includes a pseudonym corresponding to an electronic 

3 commerce card account number and previously created by the central transaction server. 
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1 8. The electronic commerce card authentication system of claim 1, 

2 wherein the authentication request includes a pseudonym previously created by a merchant 

3 system that corresponds to an electronic commerce card account number. 

1 9. The electronic commerce card authentication system of claim 1, 

2 wherein the central transaction server is adapted to initiate a charge request via a card 

3 association network in response to receiving an authentication response from the access 

4 control server. 

1 10. A method of authenticating electronic commerce card information 

2 provided by a cardholder, the method comprising: 

3 receiving an authentication request from a cardholder system; 

4 forwarding the authentication request to an access control server; 

5 relaying authentication information between the access control server and the 

6 cardholder system; 

7 receiving an authentication response from the access control server; and 

8 forwarding the authentication response to the cardholder system. 

1 11. The method of claim 10, wherein the authentication^ response is 

2 adapted to be analyzed by a merchant system. 

1 12. The method of claim 10, further comprising forwarding a copy of the 

2 authentication response to an authentication history server to be archived. 

1 13. The method of claim 1 0, further comprising receiving a verifying 

2 enrollment request from a directory server, and sending a verifying enrollment response to 

3 the directory server. 

1 14. The method of claim 13, wherein the verifying enrollment response is 

2 sent in response to a query to the access control server. 

1 15. The method of claim 13, wherein the verifying enrollment response is 

2 sent to the directory server without querying the access control server, and further comprising 

3 querying the access control server in response to receiving an authentication request. 



15 



1 16. The method of claim 10, wherein the authentication request includes a 

2 pseudonym previously created by the central transaction server that corresponds to an 

3 electronic commerce card account number. 

1 17. The method of claim 10, wherein the authentication request includes a 

2 pseudonym previously created by a merchant system that corresponds to an electronic 

3 commerce card account number. 

1 18. The method of claim 1 , further comprising initiating a charge request 

2 via a card association network in response to receiving an authentication response from the 

3 access control server. 

1 19. An information storage medium including a set of instruction adapted 

2 to operate an information processing device to perform a set of steps, the set of steps 

3 comprising: 

4 receiving an authentication request from a cardholder system; 

5 forwarding the authentication request to an access control server; 

6 relaying authentication information between the access control server and the 

7 cardholder system; 

8 - receiving an authentication response from the access control server;~and 

9 forwarding the authentication response to the cardholder system. 

1 20. The information storage medium of claim 19, wherein the 

2 authentication response is adapted to be analyzed by a merchant system. 

1 21. The information storage medium of claim 19, wherein the set of steps 

2 further comprises forwarding a copy of the authentication response to an authentication 

3 history server to be archived. 

1 22. The information storage medium of claim 19, wherein the set of steps 

2 further comprises receiving a verifying enrollment request from a directory server, and 

3 sending a verifying enrollment response to the directory server. 

1 23. The information storage medium of claim 22, wherein the verifying 

2 enrollment response is sent in response to a query to the access control server. 
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1 24. The information storage medium of claim 22, wherein the verifying 

2 enrollment response is sent to the directory server without querying the access control server, 

3 and the set of steps further comprise querying the access control server in response to 

4 receiving an authentication request. 

1 25. The information storage medium of claim 19, wherein the 

2 authentication request includes a pseudonym previously created by the central transaction 

3 server that corresponds to an electronic commerce card account number. 

1 26. The information storage medium of claim 19, wherein the 

2 authentication request includes a pseudonym previously created by a merchant system that 

3 corresponds to an electronic commerce card account number. 

1 27. The information storage medium of claim 19, wherein the set of steps 

2 further comprises initiating a charge request via a card association network in response to 

3 receiving an authentication response from the access control server. 

1 28. The method of claim 14, further comprising: 

2 receiving the verifying enrollment response from the access control server in 
3 response to the query; and ~ 

4 forwarding the verifying enrollment response to the directory server. 

1 29. The method of claim 28, further comprising: 

2 modifying the verifying enrollment response received from the access control 

3 server; and 

4 forwarding the modified verifying enrollment response to the directory server. 

1 30. The information storage medium of claim 22, further comprising: 

2 receiving the verifying enrollment response from the access control server in 

3 response to the query; and 

4 forwarding the verifying enrollment response to the directory server. 

1 31. The information storage medium of claim 30, further comprising: 

2 modifying the verifying enrollment response received from the access control 

3 server; and 
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forwarding the modified verifying enrollment response to the directory server. 
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